0 views

Uploaded by nalevihtkas

VISUAL CRYPTOGARPHY

- HIDING A MESSAGE IN MP3 USING LSB WITH 1, 2, 3 AND 4 BITS
- A New Crypto-Watermarking Method for Medical Image
- 202-7201
- Lecture 11
- Seminar Presentation
- Digital Watermarking and Steganography_ Fundamentals and Techniques 2nd Edition.pdf
- 4932707 Cryptography
- Information Security Principles and Practice, 2nd Edition, By Mark Stamp
- [IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas Deshmukh
- S17-07
- Survey on Efficient Information Retrieval for Ranked Query in Cost-Efficient Clouds
- Lecture 19
- Steganography Presentation
- Visual Cryptography
- Cryptography Role in Information Security
- A Prototype Implementation for Public Key Infrastructure Based on Transport Layer Security
- Fundamental of E- Commerce5
- Entropy and Structure in Cryptography
- apcsp pacing calendar 2016-17
- Lec01_Intro

You are on page 1of 12

Information Sciences

journal homepage: www.elsevier.com/locate/ins

remedy abilities

Chin-Chen Chang a, Yi-Hui Chen b,⇑, Hsin-Chi Wang c

a

Department of Information Engineering and Computer Science, Feng Chia University, Taichung 40724, Taiwan

b

Department of Applied Informatics and Multimedia, Asia University, Taichung 41354, Taiwan

c

Department of Information and Communication Security Technology Center, Institute for Information Industry, Taipei 10622, Taiwan

a r t i c l e i n f o a b s t r a c t

Article history: Lin and Tasi, Yang et al., and Chang et al.’s meaningful secret sharing schemes provided

Received 3 December 2008 authentication mechanisms but none included a remedy ability that would cause the secret

Received in revised form 11 July 2010 image never to be completely obtained while some information of the stego-images are

Accepted 7 March 2011

losing or tampering with. This paper proposes a meaningful secret-sharing scheme which

Available online 14 March 2011

includes both authentication and remedy abilities that allow for detection of the corrupted

area and use of the hidden information to repair the secret image with reasonable visual

Keywords:

quality. In comparison with previous schemes, this approach results in superior visual

Secret-sharing

Authentication

qualities of the stego-images by an average of more than 3 dB.

Visual quality Ó 2011 Elsevier Inc. All rights reserved.

Remedy ability

1. Introduction

The (t, n)-threshold scheme is a secret-sharing technique ﬁrst invented by Shamir [12] for a dealer splitting a secret into n

shares and then distributing them to n distinct players, where t 6 n. Later, at least t shares can cooperate together to

reconstruct the secret. No information about the secret can be revealed while someone has only t 1 shares. One of the

secret-sharing techniques for digital images is visual cryptography, pioneered by Naor and Shamir in 1994 [12]. Visual cryp-

tography [1,6,8,10,11,13] is a cryptographic technique that allows the visual image to be encrypted and the visual informa-

tion to be decrypted by the human visual system, without the aid of a computer. That is, shares are printed as separate

transparencies, and the secret image can be decrypted by overlaying those transparencies. Although the original image

can appear when the transparencies are overlaid, the decrypted image is never completely identical to the original secret

image. Consequently, the technique is not suited for some sensitive domains, such as medical and military systems, because

any distortions are intolerable. In addition, the shares are similar to random noise images, which arouse censors’ notice.

To meet these requirements, several studies [2,3,5,13,14,16] have proposed hiding the shares into meaningful content

with steganography techniques, also called meaningful secret-sharing schemes. Steganography [9] is a technique for embed-

ding secrets into digital media, such as digital images, without appearing suspicious to censors. Another beneﬁt of the

schemes is that the meaningful shares can be easier than noise-like shares for participants to distinguish in order to use

the shares to reconstruct the secret images when each participant player has a certain number of shares. Extending the

meaningful secret-sharing techniques, some researchers [4,7,17] have imported the authentication mechanisms into their

⇑ Corresponding author. Address: Department of Applied Informatics and Multimedia, Asia University, Taichung 41354, Taiwan. Tel.: +886 04

23323456x20112; fax: +886 04 23304708.

E-mail addresses: ccc@cs.ccu.edu.tw (C.-C. Chang), chenyh@cs.ccu.edu.tw, circlechen@gmail.com (Y.-H. Chen), g9662530@oz.nthu.edu.tw (H.-C. Wang).

0020-0255/$ - see front matter Ó 2011 Elsevier Inc. All rights reserved.

doi:10.1016/j.ins.2011.03.002

3074 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

schemes to verify the ﬁdelity of participants’ shares before reconstructing the secret. With the authentication ability, the cor-

rupted pixels in shares are detected and marked as inauthentic areas to warn the participant players.

Applying the (t 1)-degree polynomials and steganography technique, Lin and Tsai [7] proposed a meaningful secret-

sharing scheme. Their scheme cannot be used to completely reconstruct the secret image while any pixel value in the secret

image is out of the range from 0 to 250. In addition, the visual quality, on average, ranges from 37 dB to 39 dB. To improve Lin

and Tsai’s scheme, Yang et al. [17] proposed a lossless meaningful secret-sharing scheme that provides better visual quality

than that of Lin and Tsai’s scheme ahead by an average of 2 dB. Moreover, they pointed out the weakness of Lin and Tsai’s

authentication mechanism, where the veriﬁcation process will fail when unauthorized participants comply with the parity-

checking rule to generate a fake stego-image. In their improved version, Yang et al. reset the authentication rule to generate a

more secure authentication code. However, the correct rate of tamper detection achieved by their scheme is at just 0.52.

Improving Yang et al.’s scheme, Chang et al. [4] proposed a more secure authentication mechanism by using the Chinese

remainder theorem (CRT) to generate new authentication code and slightly improved the correct rate of tamper detection

to be near 0.97. Furthermore, the visual quality of Chang et al.’s scheme is close to 41 dB, which is more than that of Yang

et al.’s.

However, none of these meaningful secret-sharing schemes import both authentication and recovery mechanisms. With-

out a recovery mechanism, parts of secret image will never be obtained if a malevolent attacker tampers with the stego-

images transferring between participant parties. To make sure the information in the secret image can be retrieved even

if parts of it suffer from tampering, this paper imports a remedy mechanism for repairing the inauthentic area in a secret

image. Although the inauthentic area cannot be completely reconstructed, the visual quality of the repaired image is good

enough for authorized players to recognize the original information. In addition, the visual quality of the stego-image is, on

average, greater than 45 dB, which signiﬁcantly improves the performances of the schemes [4,7,17].

The remainder of this paper is organized as follows. Section 2.1 brieﬂy describes Shamir’s method for secret sharing. The

overview of schemes [4,7,17] are shown in Section 2.2. Our proposed meaningful secret sharing scheme, reconstruction, and

authentication and remedy abilities are portrayed in Sections 3.1–3.3, respectively. Section 4 shows the experimental results.

In these experiments, we compared our performances with those of the schemes [4,7,17]. Finally, we draw our conclusions

and further works in Section 5.

2. Related work

This section brieﬂy illustrates the concept of Shamir’s secret-sharing scheme and reviews recent studies.

In Shamir’s scheme, a unique polynomial of degree (t 1) is ﬁt, as shown in Eq. (1), where the secret is the ﬁrst coefﬁcient

s and the rest of the coefﬁcients m1, m2, . . . , mt1 are selected at random. The n points, they are also called shares, are on the

curve and assigned to n distinct players. Later, any t shares, assuming their own participants’ identiﬁcations xi’s are

x1, x2, . . . , xt, can be used to reconstruct the original (t 1)-degree polynomial by using Eq. (2), so the secret s can ﬁnally

be obtained.

Fðxi Þ ¼ þ þ þ : ð2Þ

ðx1 x2 Þðx1 x3 Þ ðx1 xt Þ ðx2 x1 Þðx2 x3 Þ ðx2 xt Þ ðxt x1 Þðxt x2 Þ ðxt xt1 Þ

Here, we brieﬂy demonstrate how the schemes proposed in [4,7,17] design meaningful secret-sharing methods applying

Shamir’s method. Lin and Tsai’s scheme divides the cover image size of 2 2 pixels into several blocks Xi and treats the pixels

in the secret image as a secret message depicted as si, for i = 1 to sz, where sz is the size of the secret image. Next, the user

deﬁnes a formula as Fðxi Þ ¼ ðsi þ m1 xi þ m2 x2i þ þ mt1 xt1

i Þ mod 251, where the value of the top-leftmost pixel in the Xi

block is treated as the value of xi, and the values of m1, m2, . . . , mt1 are chosen at random but are always less than 251. The

pixel value will be replaced with 250, while its value ranges from 250 to 255, so the quality of the reconstructed secret image

is degraded. The authentication code is generated by following the parity-checking rule. Finally, the value of F(xi) and

authentication code are embedded into the reminder pixels in block Xi with LSB (least signiﬁcant bit) substitution. Unfortu-

nately, the proposed authentication procedure is weak because the fake image will always pass the veriﬁcation procedure

when it is created by following the parity-checking rule.

To prevent the degraded reconstruction in Lin and Tsai’s scheme, Yang et al. improved the formula using Galois Field

GF(28) instead of GF (251) to rebuild the formula as FðxÞ ¼ ðsi þ m1 xi þ m2 x2i þ þ mt1 xt1i Þ mod ðx8i þ x4i þ x3i þ xi þ 1Þ,

where si is the pixel value in secret image so a lossless version is proposed. Next, they used the HMAC (Hashed-based mes-

sage authentication code) to generate the authentication code for averting form the weakness in Lin and Tsai’s veriﬁcation

C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084 3075

procedure. In Yang et al.’s experiments, both the visual image quality and the security issue are superior to that of Lin and

Tsai’s scheme.

In 2008, Chang et al. proposed a CRT-based (Chinese remainder theory) authentication bit generation to improve the

authentication ability of Yang et al.’s scheme. They also create the formula as Fðxi Þ ¼ ðsi þ m1 xi þ m2 x2i þ þ mt1 xt1

i Þ

mod 251. To completely reconstruct the secret image, they apply Thien and Lin’s scheme [15] of using two pixels to present

the pixel when its value is greater than 250. For example, the pixel value 254 can be divided into two pixels: 250 and 4. Later,

the decoder must decode two successive pixels to reconstruct the original pixel value if the reconstructed pixel value is 250.

As for the experiments in Chang et al.’s scheme, all of the performances are superior to that of Yang et al.’s scheme.

3. Proposed scheme

In this section, we designed a novel scheme which can losslessly reconstruct the secret image without additional pixels no

matter what the original pixel value is. As for the schemes [4,7,17], a pixel in a secret image is presented as a parameter si put

into the Formula F(xi). In the proposed scheme, the pixel value is segmented into three pieces and then transformed into

three integers as parameters used for creating a new formula. The proposed scheme is composed of three procedures: the

ﬁrst procedure is the sharing and embedding procedure, the second is the authentication procedure, and the third is the

reconstruction procedure.

The ﬂowchart of the sharing and embedding procedure is shown in Fig. 1. A secret image S and participant’s identiﬁcation

dk are input into the procedure, where all of the values dk are mutually exclusive. Assume that each pixel in the secret image

has a unique identiﬁcation denoted as PID, and all the PIDs can be seen as a serial number sequence. In the shufﬂing phase,

the serial number sequence is shufﬂed by using a secret key K1, which is called a shufﬂed serial number sequence. As shown

in Fig. 2, the original serial number sequence and the shufﬂed serial number sequence are depicted as sets {1, 2, 3, 4, 5, 6, 7, 8}

and {2, 4, 6, 7, 1, 5, 8, 3}, respectively. At the same position of those two sets, two mapping PIDs are treated as a pixel-partner

pair. That is, the ﬁrst sequence numbers in such two sequences are 1 and 2, so pixels with PIDs 1 and 2 are a pixel-partner

pair. For simplicity, a pixel-partner pair is denoted as (Sx, Sy), where Sx and Sy are pixel values, and x and y are the values of

PIDs.

In the secret-sharing phase, pixel values in the pixel-partner pair (Sx, Sy) are expressed by using 8-bit binary streams as

1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8

(bx bx bx bx bx bx bx bx ; by by by by by by by by Þ. Next, the bit stream ðbx bx bx bx bx bx bx bx Þ is divided into three parts, which are then

transformed into three decimal integers, ax, bx and cx, using Eq. (3).

4 5 6

bx ¼ bx 22 þ bx 21 þ bx 20 ; ð3Þ

7 1 8 0

and cx ¼ bx 2 þ bx 2 :

1 2 3 4

We embed the values of by ; by ; by and by into parameters ax, bx and cx as a0x ; b0x and c0x using Eq. (4).

a0x ¼ ax þ 8 b1y ;

2

b0x ¼ b0x þ 8 by ; ð4Þ

0 3 1 4 0 2

and c ¼ cx þx ðby 2 þ by 2 Þ2 :

Subsequently, the parameters a0x ; b0x and c0x are used to build a formula, as in Eq. 5.

After inputting the participant’s identiﬁcation dk, the value Fx(dk) is returned. Since the value Fx(dk) is the key for inversing

the values a0x ; b0x and c0x , it needs to be protected for later verifying its integrity. Firstly, the value Fx(dk) is transformed into a

5-bit binary stream s1x s2x s3x s4x s5x and then we divide the 5-bit binary stream with Eq. (6) to generate three parameters as A1x ; A2x

and A3x .

3076 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

A1x ¼ s1x ;

A2x ¼ s2x 21 þ s3x 20 ; ð6Þ

and A3x ¼ s4x 1

2 þ s5x 2 :0

Next, we mixed every two of the three digits with x by using hash function to generate three parameters A e1; Ae 2 and A e3

x x x

e 1 e2

using Eq. (7), x is the value of pixels PID. Finally, the authentication codes are generated by mixing the parameters A x ; A x and

e 3 with the XOR operation, presented by the notation , to produce the authentication code ax with Eq. (8), where the LSBi

A x

function returns the values of the ith LSB.

e 1 ¼ hashðxkA2 kA3 Þ;

A x x x

A e 1 kA2 Þ;

e 2 ¼ hashðxk A ð7Þ

x x x

x x x

e1 A

ax ¼ LSB5 ð A e2 A

e 3 Þ 23 þ LSB6 ð A

e1 A

e2 A

e 3 Þ 22 þ LSB7 ð A

e1 A

e2 A

e 3 Þ 21 þ LSB8 ð A

e1 A

e2 A

e 3 Þ: ð8Þ

x x x x x x x x x x x x

5

The parameters Fx(dk), ax and by

are embedded into the cover image by using a steganography technique. Before data

embedding, the cover image is divided into several blocks of 2 2 pixels. Their corresponding location and notation for

the block Px are shown in Fig. 3, where this block is used for embedding the data generated from the xth pixel in the secret

image and its four pixels are denoted as P 1x ; P2x ; P 3x and P 4x .

5

Before data embedding, we let the hidden data Fx(dk), ax and by re-express as a digital decimal Dx with Eq. (9) at ﬁrst. The

5

sufﬁxes of Eq. (9) are 2, 17, and 17 which are the total number of possible values for Fx(dk), ax and by , respectively. For exam-

ple, the value of Fx(dk) ranges from 0 to 16 so there are totally 17 possible values; therefore, its corresponding sufﬁx is 17.

1 2 3 4

Later, the value of Dx can be represented as ðdx dx dx dx Þ5 by using the 5-based notational system.

5 5

Dx ¼ ðF x ðdk Þ; ax ; by Þ2;17;17 ¼ F x ðdk Þ 2 17 þ ax 2 þ by : ð9Þ

1 2 3 4

Using the embedding algorithm, as shown in Fig. 4, the notations and dx ; dx ; dx

can be embedded into the pixels dx

P1x ; P2x ; P3x and P 4x , respectively, in the four-pixel block Px.

When all pixels in the secret image are embedded into the cover image, the embedded image, which we call the

stego-image and depict as Cdk, is transferred to the legal participant.

C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084 3077

Before participants join in the reconstruction procedure, the ﬁdelity of their own shares can be veriﬁed in advance using

this procedure, and this procedure can be used to check whether the stego-image is authentic. The ﬂowchart of this proce-

dure contains three phases, as shown in Fig. 5: the extracting phase, the authentication phase and the adjusting phase.

First, the participant’s PID value dk and his own stego-images C dk are inputted into the extracting phase. Next, the input

stego-image is divided into several blocks of 2 2 pixels, as shown in Fig. 3. The hidden data De x can be extracted using Eq.

(10).

X

4

ex ¼

D ðPix mod 5Þ 5i1 : ð10Þ

i¼1

e x ðdk Þ; a ~5 Þ

~x ; b e

y 2;17;17 using Eq. (11). The value of F x ðdk Þ can be represented as

s1x s2x s3x s4x s5x using a 5-based notational system. Inputting the values of s1x ; s2x ; s3x ; s4x and s5x , we generate the authentication codes

ax using Eqs. (6)–(8). Finally, the authentication phase checks whether the values of ax and a ~x are equal. If they are equal, a

white pixel is output; otherwise, a black pixel is output. It is noted that the white and black pixels denote the values as

authentic and inauthentic pixels, respectively.

e

F x ðdk Þ ¼ De x =ð2; 17Þ;

~x ¼ ð D

a e x mod ð2 17ÞÞ=2; ð11Þ

~5 ¼ ð D

b e x mod ð2 17ÞÞ mod 2:

y

3078 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

The authenticated results are shown in Fig. 7(a), where some inauthentic parts are veriﬁed as authentic ones. This kind of

false detection will cause the secret image cannot be fully repaired in the reconstruction procedure. To prevent this from

occurring, we propose an adjusted mechanism. In the adjusted phase, the decoder re-scans the authenticated results and

looks up four parameters left, right, top and down as shown in Fig. 6. Next, we use those four locations to form a rectangle

with four coordinates (left, top), (right, top), (left, down) and (right, down) and force all pixels in the rectangle to be judged

inauthentic and colored black (Fig. 7(b)). Finally, the adjusted results are seen as input data into the reconstruction

procedure.

In this procedure, only when at least three legal participants join together can the secret image be reconstructed. The

ﬂowchart of this procedure consists of two phases, as shown in Fig. 8. For simplicity, we assume the three input stego-images

are C1, C2 and C3, and their participants’ PIDs d1, d2 and d3 are 1, 2 and 3, respectively. As described in Section 3.2, we can get

the values of F~x ðd1 Þ; eF x ðd2 Þ and e

F x ðd3 Þ from stego-images C1,C2 and C3, respectively. While the pixel is marked as authentic,

the parameters as ax ; b0x and c0x can be obtained using Eq. (12).

0

C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084 3079

1 1 1

c0x ¼ eF x ðd1 Þ þ eF x ðd2 Þ þ eF x ðd3 Þ mod 17;

ðd1 d2 Þðd1 d3 Þ ðd2 d1 Þðd2 d3 Þ ðd3 d1 Þðd3 d2 Þ

d2 þ d3 d1 þ d3 d1 þ d2

b0x ¼ 1 ð e F x ðd1 Þ þ e F x ðd2 Þ þ e F x ðd3 ÞÞ mod 17; ð12Þ

ðd1 d2 Þðd1 d3 Þ ðd2 d1 Þðd2 d3 Þ ðd3 d1 Þðd3 d2 Þ

d2 d3 d1 d3 d1 d2

a0x ¼ Fe x ðd1 Þ þ Fe x ðd2 Þ þ Fe x ðd3 Þ mod 17:

ðd1 d2 Þðd1 d3 Þ ðd2 d1 Þðd2 d3 Þ ðd3 d1 Þðd3 d2 Þ

1 2 3 4

Next, the values of ax ; bx ; cx ; by ; by ; by and by can be found using the reconstructing algorithm shown in Fig. 9.

Table 1

The values generated by Eqs. (3)–(5).

2 125 120 3 7 1 3 15 13 3 þ 15dk þ 13d2k mod 17

Table 2

The corresponding embedded stego-images and corrupted stego-images generated by the corresponding parameters.

by dx dx dx dx

P 1x P 2x P 3x P 4x P 1x P 2x P 3x P 4x

1 2 11 12 1 399 3 0 4 4 103 95 104 104 103 95 104 104

1 3 0 7 1 15 0 0 3 0 95 95 103 95 95 95 103 95

2 1 14 1 1 479 1 4 0 4 103 104 95 104 103 104 95 104

2 2 0 3 1 7 0 0 1 2 95 95 101 102 95 95 101 102

2 3 12 9 1 427 3 2 0 2 103 102 95 102 103 102 95 102

3080 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

The parameters ax, bx and cx can be used to reconstruct the original secret pixel as Sx = ax 8 4 + bx 4 + cx. Then the

1 2 3 4 5

copied pixel can be obtained as Sy ¼ by 27 þ by 26 þ by 25 þ by 24 þ by 23 þ 5. Two pixels Sx and Sy are output into

two images, namely the reconstructed image and the copied image. Using the secret key K1, the PIDs of the copied image will

be reordered as the same sequence as the reconstructed image. Finally, if the pixels are judged as inauthentic, the pixels in

the reconstructed image are replaced with those of copied image at the same position.

For example, a secret image has two pixels with pixel values 120 and 125. Assume that the original serial number se-

quence and the shufﬂed serial number sequence are as two sets {1, 2} and {2, 1}. Therefore, the pixel-partner pairs are

(1, 2) and (2, 1). The values generated from Eqs. (3)–(5), are listed in Table 1.

Table 3

The value calculated by Eqs. (10) and (11) and the corresponding authentic results.

x dk ex

D e

F x ðdk Þ e

ax e

b 5y Authentic results

1 1 338 9 16 0 Inauthentic

1 2 399 11 12 1 Authentic

1 3 15 0 7 1 Authentic

2 1 479 14 1 1 Authentic

2 2 7 0 3 1 Authentic

2 3 427 12 9 1 Authentic

Table 4

The reconstructed pixel and its repaired pixel.

by

2

by

3

by by

4 5

by Reconstructed pixel Repaired pixel

2 3 15 13 3 7 1 0 1 1 1 1 125 120

C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084 3081

As shown in Table 2, the values x and dk are input to calculate the value Fx(dk) with Eq. (5). Next, the authentication code ax

and value Dx are generated with Eqs. (6)–(9), respectively. We embed value Dx into three four-pixel groups from three dif-

ferent stego-images with the embedding algorithm as shown in Fig. 4. To simplify the description, all the pixel values in

those three stego-images are all 103. After data embedding, the embedded pixel-groups are listed below the ‘‘embedded ste-

go-images’’ ﬁeld. We assume that the attackers modify some of the pixels and list below the ‘‘corrupted stego-images’’ ﬁeld.

Before reconstructing the secret image, the process must evaluate whether the stego-pixels are authentic. During the

authentication procedure, the value D e x is calculated with Eq. (10). Later on, the values e ~5 can be produced

~x , and b

F x ðdk Þ; a y

by using Eq. (11). The given value Fx(dk) can generate an authentication code a ~x through Eqs. (6)–(8). If the values a ~x and

ax are the same, the pixel is authentic. As for this example, only the ﬁrst pixel is inauthentic in Table 3.

Due to a four-pixel group is judged as inauthentic, the ﬁrst secret pixel cannot be obtained anymore. Therefore, we skip the

inauthentic ones. Later on, we reconstruct the authentic pixel and its partner-pixel. The values of a0x ; b0x and c0x are calculated

1 2 3 4

by using Eq. (12). Subsequently, the values of ax ; bx ; cx ; by ; by ; by and by can be obtained by using the reconstructing algorithm.

1 2 3 4 5

We collect the values of by ; by ; by ; by and by to produce a repaired pixel in Table 4. Because the ﬁrst pixel is inauthentic, we

replace it with the repaired pixel which PID is equal to that of the ﬁrst pixel. As for the partner-pixel pair (2, 1), we know that

the inauthentic pixel’s PID value equal to 1, therefore, it can be repaired by the partner-pixel of the pixel’s PID equal to 2. In this

example, we can replace the ﬁrst pixel with the second pixel’s partner-pixel so the ﬁrst pixel value is repaired as 120.

Our scheme focuses on comparing the performances of schemes [4,7,17]. Although schemes [4,7,17] support authentica-

tion mechanism, they did not support any recovery mechanisms. In our proposed scheme, we deﬁne the scheme not only to

improve the visual quality but also to have a recovery mechanism. To achieve such purpose, we modify the traditional

(t, n)-secret sharing mechanism to become (3, n)-secret sharing mechanism. It also has the ﬂexibility to expend (3, n)-secret

sharing mechanism to be (t + 2, n)-secret sharing mechanism, where 1 < t 6 n. The formula is deﬁned as below.

F x ðdk Þ ¼ ða0x þ b0x dk þ c0x d2k þ e1 d3k þ e2 d4k þ þ et dtþ2

k Þ mod 17, where e1, e2, . . . , et are chosen by random.

4. Experimental results

This section discusses (1) the visual qualities of stego-images, (2) the detection results when the stego-image is tampered

with, and the visual quality of the reconstructed image after repairing the corrupted area, and (3) a comparison with the

3082 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

other existing schemes cited as [4,7,17]. The secret image with 256 256 pixels is shown in Fig. 10(a), and ﬁve cover images

with 512 512 pixels as shown in Fig. 10(b)–(f), which are ‘‘Baboon,’’ ‘‘F16,’’ ‘‘Sailboat,’’ ‘‘Lena,’’ and ‘‘Pepper,’’ respectively.

The metric of visual quality measurement is PSNR (peak signal-to-noise ratio). Its value depends on the distortions

between the original image and the compared image. In general, a higher PSNR reﬂects better visual quality. The PSNR is

calculated with Eq. (13), where MSE is deﬁned as Eq. (14).

2552

PSNR ¼ 10log 10 dB; ð13Þ

MSE

1 XX

h w

MSE ¼ ðpij p0ij Þ2 ; ð14Þ

hw i¼1 j¼1

where h and w are the height and weight of the original image, and pij and p0ij are the pixel values of the original image and its

compared image, respectively.

All the stego-images and all the PSNR values are shown in Fig. 11(a)–(e). On average, the visual quality is larger than

45.10 dB, so it is difﬁcult for human eyes to recognize whether they are embedded with hidden data.

To prevent attackers from fooling participants into retrieving incorrect data, the authentication and repair mechanisms

are performed. Fig. 12(a)–(e) are the corrupted stego-images: in Fig. 12(a), a piece of the stego-image is cropped out, the

words ‘‘I CAN FLY’’ are inserted in Fig. 12(b), the boat sailing on the lake is removed in Fig. 12(c), some noises are added

in Fig. 12(d), and a smile shape is inserted into Fig. 12(e).

Based on Figs. 12(a)–(e), the corresponding results of tamper detection, the repaired secret images and their visual quality

after repair are shown in Table 5(a)–(e). In the results, the larger the corrupted area, the worse the visual quality of the re-

paired secret image will be. In Fig. 12(a), the 25% block is dropped out from the stego-image ‘‘Baboon,’’ and its relative detec-

tion result and repaired result is shown in Table 5(a). The words ‘‘I CAN FLY’’ in Fig. 12(b) can be detected as corrupted area as

shown in Table 5(b). The removed boat in Fig. 12(c) can be detected as modiﬁed area and repaired as shown in Table 5(c). The

detector can detect the noise areas represented in Fig. 12(d), and the detected and repaired results are shown in Table 5(d).

Finally, a smile mark covers the stego-image, as shown in Fig. 12(e), and the corrupted places are detected and repaired, as

shown in Table 5(e). As the experiments, we can observe that the visual quality of repaired image depends on what size of

the corrupted area is because larger corrupted areas will cause lower visual quality.

C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084 3083

Table 5

Performances of tamper detection and repair ability.

Corrupted stego-image Tamper detection Repaired secret image PSNR of repaired secret image

In general, the larger size of damage areas are, the lower image qualities of secret images will be. We summarize the im-

age qualities of secret images based on different percentages of the damage areas in Table 6.

The performance (visual quality, PSNR) of our stego-images compared with the schemes proposed in [4,7,17] are shown

in Table 7. All the visual qualities of the stego-images created using our proposed scheme are superior to those created by the

Table 6

The damage area and its corresponding output image quality of secret image.

5 >55

10 >47

15 >42

20 >35

30 >30

>30 <30

3084 C.-C. Chang et al. / Information Sciences 181 (2011) 3073–3084

Table 7

Comparison of performances between our proposed scheme and schemes proposed in [4,7,17].

Scheme [4] 40.93 40.99 40.98 40.97 40.96 No

Scheme [7] 37.71 38.35 38.49 38.60 38.29 No

Scheme [17] 40.06 40.15 40.97 41.10 40.66 No

Proposed scheme 45.10 45.11 45.10 45.12 45.12 Yes

other schemes. As for the visual quality, on average, the performance of our proposed scheme is about 6.6 dB greater than

that of the scheme proposed in [7], and about 4 dB greater than that of the schemes proposed in [4,17]. Without any tam-

pering attacks, our proposed scheme can losslessly reconstruct the secret image as well as the schemes proposed in [4,17].

Moreover, none of schemes [4,7,17] proposed any remedy abilities to repair the secret image after tamper detection.

5. Conclusions

Recently, Lin and Tsai’s, Yang et al.’s, and Chang et al.’s schemes for authentication were proposed to avert the illegal

shares from being joined into the reconstruction procedure. However, these schemes do not offer a remedy mechanism

which will be needed if a malicious attacker modiﬁes all the images communication between the participants. As the exper-

iments here show, the remedy for the secret image remains 45 dB. In the future, we hope to propose a lossless recovery

method to completely reconstruct the secret image after the shares have undergone attacks.

References

[1] Y.F. Chen, Y.K. Chan, C.C. Huang, M.H. Tsai, Y.P. Chu, A multiple-level visual secret-sharing scheme without image size expansion, Information Sciences

177 (21) (2007) 4696–4710.

[2] C.C. Chang, C.C. Lin, C.H. Lin, Y.H. Chen, A novel secret image sharing scheme in color images using small shadow images, Information Sciences 178 (11)

(2008) 2433–2447.

[3] C.C. Chang, C.Y. Lin, C.S. Tseng, Secret image hiding and sharing based on the (t, n)-threshold, Fundamenta Informaticae 76 (4) (2007) 399–411.

[4] C.C. Chang, Y.P. Hsieh, C.H. Lin, Sharing secrets in stego images with authentication, Pattern Recognition 141 (10) (2008) 3130–3137.

[5] J.B. Feng, H.C. Wu, C.S. Tsai, Y.P. Chu, A new multi-secret images sharing scheme using Lagrange’s interpolation, Journal of Systems and Software 76 (3)

(2005) 327–339.

[6] W.P. Fang, Friendly progressive visual secret sharing, Pattern Recognition 41 (4) (2008) 1410–1414.

[7] C.C. Lin, W.H. Tsai, Secret image sharing with steganography and authentication, Journal of Systems and Software 73 (3) (2004) 405–414.

[8] D.C. Lou, H.K. Tso, J.L. Liu, A copyright protection scheme for digital images using visual cryptography technique, Computer Standards and Interfaces 29

(1) (2007) 125–131.

[9] Y. Lee, H. Kim, Y. Park, A new data hiding scheme for binary image authentication with small image distortion, Information Sciences 179 (22) (2009)

3866–3884.

[10] R. Lukac, K.N. Plataniotis, Bit-level based secret sharing for image encryption, Pattern Recognition 38 (5) (2005) 767–772.

[11] M. Naor, A. Shamir, Visual cryptography, in: Advances in Cryptology-EuroCrypt’94, LNCS, vol. 950, Springer, Berlin, 1995, pp. 1–2.

[12] A. Shamir, How to share a secret, Communications of the Association for Computing Machinery (1979) 612–613.

[13] S.J. Shyu, S.Y. Huang, Y.K. Lee, R.Z. Wang, K. Chen, Sharing multiple secrets in visual cryptography, Pattern Recognition 40 (12) (2007) 3633–3651.

[14] D.S. Tsai, G. Horng, Z.H. Chen, Y.T. Huang, A novel secret image sharing scheme for true-color images with size constraint, Information Sciences 179

(19) (2009) 3247–3254.

[15] C.C. Thien, J.C. Lin, Secret image sharing, Computers and Graphics 26 (1) (2002) 765–770.

[16] C.S. Tsai, C.C. Chang, T.S. Chen, Sharing multiple secrets in digital images, Journal of Systems and Software 64 (2) (2002) 163–170.

[17] C.N. Yang, T.S. Chen, K.H. Yu, C.C. Wang, Improvements of image sharing with steganography and authentication, Journal of Systems and Software 80

(7) (2007) 1070–1076.

- HIDING A MESSAGE IN MP3 USING LSB WITH 1, 2, 3 AND 4 BITSUploaded byAIRCC - IJCNC
- A New Crypto-Watermarking Method for Medical ImageUploaded byAyinde Abiodun
- 202-7201Uploaded bycontulluialex
- Lecture 11Uploaded byaalon04
- Seminar PresentationUploaded byNitin
- Digital Watermarking and Steganography_ Fundamentals and Techniques 2nd Edition.pdfUploaded bymnbvcxddsaaa
- 4932707 CryptographyUploaded byRanjith Sudhakaran
- Information Security Principles and Practice, 2nd Edition, By Mark StampUploaded byAlex P S
- [IJET-V1I6P12] Authors: Manisha Bhagat, Komal Chavan ,Shriniwas DeshmukhUploaded byInternational Journal of Engineering and Techniques
- S17-07Uploaded byHari Ram
- Survey on Efficient Information Retrieval for Ranked Query in Cost-Efficient CloudsUploaded byEditor IJRITCC
- Lecture 19Uploaded byCarlos Gean R. Lopes
- Steganography PresentationUploaded byDivya Mittal
- Visual CryptographyUploaded byHari Ram
- Cryptography Role in Information SecurityUploaded byPham Ray
- A Prototype Implementation for Public Key Infrastructure Based on Transport Layer SecurityUploaded byAnonymous vQrJlEN
- Fundamental of E- Commerce5Uploaded byAyush Garg
- Entropy and Structure in CryptographyUploaded byDartanian_Dog
- apcsp pacing calendar 2016-17Uploaded byapi-326029889
- Lec01_IntroUploaded byJessica Martinez
- criptovirulogiaUploaded byKika Arteaga F
- A Mission of Great ImportanceUploaded byJohn Greenewald
- Final ReportUploaded byluis
- voteboxUploaded byManju Sk
- Cryptography Digital SignaturesUploaded byDaniel Dembélé
- MD5 ExperimentUploaded bySiddhesh Kudav
- bala1Uploaded byJohn Maldonado
- CHAPTER 06 - RSA CryptosystemUploaded byKavimani Prince
- IJAIEM-2013-04-23-058Uploaded byAnonymous vQrJlEN
- IRJET-Realization of AES Encryption and Decryption Based On Null Convention LogicUploaded byIRJET Journal

- AMBA VERIFICATIONUploaded bynalevihtkas
- LSB EMBEEDDING/WATERMARKINGUploaded bynalevihtkas
- Novel image encryptionUploaded bynalevihtkas
- Thesis on watermarkingUploaded bynalevihtkas
- binDCT-VLSIUploaded bynalevihtkas
- SPATIAL DOMIAN WATERMARKINGUploaded bynalevihtkas
- Pixel DifferenceUploaded byNguyễn Văn Thắng
- -A Method for Combating Random Geometric Attack on Image WatermarkingUploaded bynalevihtkas
- UVM.pptxUploaded bynalevihtkas
- FPGA IMAGE PROCESSINGUploaded bynalevihtkas
- pcwUploaded bynalevihtkas

- A CONCEPTUAL SECURE BLOCKCHAIN- BASED ELECTRONIC VOTING SYSTEMUploaded byAIRCC - IJNSA
- Journal of Computer Science IJCSIS April 2016 Part IIUploaded byijcsis
- IAETSD Implementation of LSB Image Steganography System Using Edge DetectionUploaded byiaetsdiaetsd
- Sampath Sowrirajan[1]Uploaded byAli Akbar
- Semrush Cookie (1)Uploaded byLaura Moreno Ruiz
- SSL Cert Renewal Suneel bUploaded byjsantosh_d
- Password Manager DesignUploaded byAnirudhSurendranath
- How to Convert PFX Certificate to PEM FormatUploaded byH_ctor_Kamui_G_1739
- ChangesUploaded byAlex Bragdon
- Advanced VPN Training v11 9Uploaded bymichelinno88
- Windows 7 Configuration Chapter 10Uploaded bymohdadam2002_7934828
- Coding TheoryUploaded bySanjay Sinha
- TLS Certificate Transparency, Experimental RFCUploaded byRepentChristian
- Spring CloudUploaded bySoleil
- The Netflix Tech Blog_ Protecting Netflix Viewing Privacy at ScaleUploaded bysk3342001
- CISSP-Exam-Outline.pdfUploaded bysri
- Stream Cipher vs Block CipherUploaded byRohini murugan
- Dev Art Odb CaseUploaded byLeandro Hilario
- 71858Uploaded byEnDi EduaRdson Kalidzz
- Secured Document Generation and Authentication mechanism using VSS and QR codeUploaded byIRJET Journal
- The best PGP tutorial for Mac OS X, ever | Jerzy's NotesUploaded byferrisiam
- Lecture 9Uploaded byPrasadBhattad
- TechniquesUploaded byVasantha Kumari
- London Python Developer_AWS Devop EngineerUploaded byms6675223
- Workshop Book 2018Uploaded byMsik Mssi
- ExchangeServer_ch8Uploaded byd-fbuser-30820439
- Steganography SoftwareUploaded byRatnesh Gupta Raja
- Copyright protection scheme based on visual Cryptography: A ReviewUploaded byIOSRjournal
- Remote Access_Attack VectorsUploaded byLutfi Swessi
- is-unit-iiUploaded byBhargav Vangara